GDPR

“Graphite HRM has long been committed to keeping our clients’ data private and secure. We want to reinforce this commitment as we move towards compliance with the GDPR.”

Moira Grassick – Associate Director.

The GDPR (General Data Protection Regulation) is the most important development of Data Protection Law for decades. It will strengthen and ultimately replace the existing Data Protection Act (1998) and is designed to protect the personal data and privacy of citizens across Europe. Regulation comes fully into effect on 25 May 2018.

What is Graphite HRM doing to prepare for GDPR?

“Graphite HRM has long been committed to keeping our clients’ data private and secure. We want to reinforce this commitment as we move towards compliance with the GDPR.” Alan Price – Group Operations Director.

The GDPR (General Data Protection Regulation) is the most important development of Data Protection Law for decades. It will strengthen and ultimately replace the existing Data Protection Acts 1988-2003 and is designed to protect the personal data and privacy of citizens across Europe. GDPR will not be affected by the UK’s exit from the EU and the Regulation comes fully into effect on 25 May 2018.

What is The Peninsula Group doing to prepare for GDPR?

The Peninsula Group is committed to adhering to the requirements of GDPR and the Data Protection Act.

We have taken many steps across the entire business to ensure we are ready for GDPR. We have identified what personal data we hold for our customers, why we hold it, where it is stored and for how long. We are already compliant with the Data Protection Act and our compliance with GDPR will build on this foundation. For more details please see our Privacy Information Notice for clients and website visitors

Here’s an overview of the steps we have taken on our GDPR Roadmap:

Board approval and support from the whole business to undertake this important work – COMPLETE

A thorough audit of all areas of our business, products and services which are likely to be impacted by GDPR – COMPLETE

Identify all systems and locations that hold personal data to ensure we know whether that data is held, why we hold it and for how long – COMPLETE

Develop a strategy and requirements for how to address the areas impacted by GDPR – COMPLETE

Implement the required changes to our internal processes and procedures required to achieve and maintain compliance with GDPR – COMPLETE

Ensure that key stakeholders are educated and informed about GDPR and the changes that will be required by our business – COMPLETE

Test all of our changes to verify and validate compliance with GDPR – COMPLETE

Finalise and communicate our full compliance prior to the deadline – COMPLETE

Our data security, privacy policies and processes are updated in line with the requirements of GDPR to ensure that we are not only compliant but go further to ensure that your data is safe with us. Based on the research conducted both internally and externally, we are confident the measures we have introduced will meet the requirements of GDPR.